summaryrefslogtreecommitdiffstats
path: root/arch/arm64/net
diff options
context:
space:
mode:
authorAlexei Starovoitov <ast@fb.com>2017-12-15 02:55:14 +0100
committerDaniel Borkmann <daniel@iogearbox.net>2017-12-17 20:34:36 +0100
commit60b58afc96c9df71871df2dbad42037757ceef26 (patch)
tree5651c4845120fc28c9712f53f31962adfd4abe73 /arch/arm64/net
parentbpf: add support for bpf_call to interpreter (diff)
downloadlinux-60b58afc96c9df71871df2dbad42037757ceef26.tar.xz
linux-60b58afc96c9df71871df2dbad42037757ceef26.zip
bpf: fix net.core.bpf_jit_enable race
global bpf_jit_enable variable is tested multiple times in JITs, blinding and verifier core. The malicious root can try to toggle it while loading the programs. This race condition was accounted for and there should be no issues, but it's safer to avoid this race condition. Signed-off-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'arch/arm64/net')
-rw-r--r--arch/arm64/net/bpf_jit_comp.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c
index ba38d403abb2..288137cb0871 100644
--- a/arch/arm64/net/bpf_jit_comp.c
+++ b/arch/arm64/net/bpf_jit_comp.c
@@ -844,7 +844,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
int image_size;
u8 *image_ptr;
- if (!bpf_jit_enable)
+ if (!prog->jit_requested)
return orig_prog;
tmp = bpf_jit_blind_constants(prog);